nginx url decoded trigger the waf vulnerability-vulnerability warning-the black bar safety net
Last year found the ngx a bug, and until recently air only wrote this post. Nginx ngxunescapeuri function in the processing of url decode when not follow the standard url decode, causing a range use this function to decode the waf There are bypass vulnerability The problem occurs in the function ...